Symphony 1.7.01 (non-patched) - Remote Code Execution
db-fetchRow0, $sql; ... ... ifisset$COOKIESYMCOOKIE $args = unserialize$COOKIESYMCOOKIE; $result = $this-login$args'username', $args'password', true, false; ------------------/source code--------------------- password value from cookie is not properly sanitized so the code above...